OVAL Reference oval:org.opensuse.security:def:58865

Oval Definition:

oval:org.opensuse.security:def:58865

Revision Date:	2021-11-17	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-49 (bsc#1192250) * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:	unix	Class:	patch
Status:		Reference(s):	1001600 1049825 1054979 1065237 1076957 1083302 1083303 1090671 1091236 1099498 1106923 1108835 1109252 1109893 1110445 1110542 1111278 1111319 1112024 1112911 1113083 1113296 1113632 1113665 1115245 1116574 1116995 1117751 1117776 1118460 1118462 1118463 1119183 1120629 1120630 1120631 1121816 1121821 1124729 1124734 1125623 1125666 1127155 1128378 1128471 1128472 1128474 1128476 1128480 1128481 1128490 1128492 1128493 1131709 1131823 1134226 1137977 1140039 1145521 1171252 1171254 1174157 1175259 1192250 974655 980722 994989 CVE-2009-1720 CVE-2009-1721 CVE-2010-4530 CVE-2013-6418 CVE-2014-1829 CVE-2014-1830 CVE-2015-2296 CVE-2016-10708 CVE-2016-4912 CVE-2016-7567 CVE-2018-13785 CVE-2018-15686 CVE-2018-15688 CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639 CVE-2018-19640 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-5732 CVE-2018-5733 CVE-2019-17639 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 CVE-2019-6109 CVE-2019-6111 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-12653 CVE-2020-12654 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2021-38503 CVE-2021-38504 CVE-2021-38505 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-38510 SUSE-SU-2018:0100-1 SUSE-SU-2018:0812-1 SUSE-SU-2018:3767-1 SUSE-SU-2018:4064-1 SUSE-SU-2019:0655-1 SUSE-SU-2019:1122-1 SUSE-SU-2019:2265-1 SUSE-SU-2020:2482-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libpango-1_0-0-1.40.14-lp150.1 is installed OR typelib-1_0-Pango-1_0-1.40.14-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND phpMyAdmin-4.9.5-43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information dhcp-4.3.3-10.14 is installed OR dhcp-client-4.3.3-10.14 is installed OR dhcp-relay-4.3.3-10.14 is installed OR dhcp-server-4.3.3-10.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libssh2-1-1.4.3-20.3 is installed OR libssh2-1-32bit-1.4.3-20.3 is installed OR libssh2_org-1.4.3-20.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-4 is installed OR openexr-2.1.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-91.3.0-112.80.2 is installed OR MozillaFirefox-devel-91.3.0-112.80.2 is installed OR MozillaFirefox-translations-common-91.3.0-112.80.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-ecdsa-0.13.3-5.10 is installed

BACK